During a quarterly audit, a company's technology oversight committee uncovers that certain staff members have been utilizing a third-party cloud storage service to share large project files, bypassing the established enterprise content management system due to its upload limitations. This third-party service was not evaluated or sanctioned by the company's technology governance policies. What does this scenario primarily illustrate?
This scenario illustrates Shadow IT, which occurs when employees use unauthorized software or services that have not been reviewed for security by the organization. The key issue with Shadow IT is that it can lead to unmonitored and potentially insecure data storage or transfer, and may not adhere to the company's security and compliance standards. The incorrect options do not specifically address using unsanctioned services and focus more on targeted threats or specific unauthorized actions that do not pose the same broad security risks as Shadow IT.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Shadow IT, and why is it a concern for organizations?
Open an interactive chat with Bash
What are some common examples of Shadow IT?
Open an interactive chat with Bash
How can organizations manage or prevent Shadow IT effectively?